Huntgroups and Rejects

Ing. Andrés Gallo agallo at cotel.com.ar
Thu Sep 27 16:14:10 CEST 2018


Hello

We are trying to make two groups of users, General and FixedIP ( IPFIJA ).
To achieve that, we want to set a group of NASes to the General Group, 
serving any customer.
And only one NAS, to get ONLY the 'IP-FIJA' customers. Rejecting others.
This way, if customer G1 in General group hits the NAS in NAS-Fixed_IP 
(IPFIJA), it's rejected.
And customer F1, in FixedIP group, hits NAS-General, also rejected.

Code in 'default' is:

update request {
       Huntgroup-Name := "%{sql:SELECT groupname FROM radhuntgroup WHERE 
nasipaddress='%{NAS-IP-Address}'}"
                    }

      #
      if (Huntgroup-Name == "IPFIJA" &&  SQL-Group != "IP-FIJA") {
          reject
       }


Works great this way.

The question is if there's any way to 'silent' the rejects for the 
particular case of 'Wrong NAS/Wrong group'.
Mean, once customer G1 request auth to NAS-Fixed_IP, instead of 'log' 
the reject, silently discard it.
Because besides the RadPostAuth table whose inserts can be handled by 
some 'if ..then' like above, the server status ( polled by SNMP 
statistics ) grows a lot in such cases.


Regards

Andres


More information about the Freeradius-Users mailing list